package org.management.config.shiro.realm;

import java.util.ArrayList;
import java.util.List;
import javax.annotation.Resource;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.management.base.data.PermissionCode;
import org.management.config.shiro.manager.TokenManager;
import org.management.system.entity.*;
import org.management.system.service.PermissionService;
import org.management.system.service.UserService;
import org.management.utils.EncryptUtils;
import org.springframework.stereotype.Service;

/**
 * @title: SimpleRealm
 * @description: shiro realm 登录验证
 * @author: jiangyan
 * @date:  2019/1/24
 */
@Service
public class SimpleRealm extends AuthorizingRealm{

	@Resource
	private UserService userService;

	@Resource
	private PermissionService permissionService;


	/**
	 * 认证信息，主要针对用户登录
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
		UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
		String password = EncryptUtils.encryptMd5Password(String.valueOf(token.getPassword()),token.getUsername());
		UserEntity user = userService.login(token.getUsername(), password);
		if (user == null) {
			throw new AccountException("帐号或密码不正确！");
		} else if(!user.getIsOpen()) {
			throw new LockedAccountException("帐号锁定");
		}
		RoleEntity roleEntity = userService.getDefaultRole(user.getId());
		if (roleEntity == null){
			throw new AuthenticationException("用户没有设置角色");
		}
		SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
				user, 
				user.getPassword(),
				ByteSource.Util.bytes(user.getLoginName()),
				getName() 
				);
		this.doGetAuthorizationInfo(authenticationInfo.getPrincipals());
		return authenticationInfo;
	}


	/**
	 * 授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		this.clearCachedAuthenticationInfo(principals);
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		List<PermissionEntity> permissionEntities = permissionService.selectPermissionByRoleId(TokenManager.getRoleId());
		if (permissionEntities.size() > 0) {
			List<String> permissions = new ArrayList<>();
			for (PermissionEntity entity : permissionEntities) {
				permissions.add(entity.getPermissionRule());
			}
			info.addStringPermissions(permissions);
		} else {
			info.addStringPermission(PermissionCode.USER_ALL);
		}
		return info;
	}
	
}
